Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/lf_yv_QY4BCa49GqLTlr0mekOdA.roa
File: lf_yv_QY4BCa49GqLTlr0mekOdA.roa (raw, json)
Hash identifier: uGAVDumMnsEol53Z+11Aq39Y2jaKqrFx58H32choTiQ=
Subject key identifier: 95:FF:F2:BF:F4:18:E0:10:9A:E3:D1:AA:2D:39:6B:D2:67:A4:39:D0
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018FF13CD8A1BE6E76CC9D7B7A3EC395AB2D
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/lf_yv_QY4BCa49GqLTlr0mekOdA.roa
Signing time: Fri 07 Jun 2024 05:47:27 +0000
ROA not before: Fri 07 Jun 2024 05:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 91.149.193.0/24 maxlen: 24
91.149.215.0/24 maxlen: 24
91.149.228.0/24 maxlen: 24
91.149.244.0/22 maxlen: 22
91.149.248.0/22 maxlen: 22
91.149.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 09:46:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:3c:d8:a1:be:6e:76:cc:9d:7b:7a:3e:c3:95:ab:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jun 7 05:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95fff2bff418e0109ae3d1aa2d396bd267a439d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:30:68:65:9e:a4:ee:f6:0c:e8:c7:cb:f9:
7d:0c:58:be:46:16:5a:6b:1d:d7:e8:3b:c1:31:73:
08:1c:34:64:da:08:3b:5c:98:dd:19:4f:b5:90:5c:
9d:12:ba:09:d3:de:2c:03:c3:31:d3:aa:2a:ee:db:
63:e5:c0:12:56:e5:bf:fb:c6:41:f6:e6:dd:6e:41:
4b:3d:6d:ad:91:47:1b:f3:fa:21:1f:52:7f:f6:8f:
f2:09:5a:83:3f:6a:27:13:d7:44:23:a5:e1:24:af:
73:17:2f:d7:f0:fe:29:4d:50:e1:1b:ac:07:8f:ab:
d0:b4:95:6a:d9:f8:4a:b2:66:24:ad:51:57:1d:c6:
6c:6b:30:be:79:dd:6f:b2:8b:75:a8:40:76:6d:d8:
e6:7b:80:4c:39:93:80:5a:c6:bc:2a:18:21:21:32:
ea:a7:a0:ba:1a:3c:dd:32:9c:c8:09:49:40:c6:60:
4b:53:df:99:42:b3:0d:e3:3f:e0:d4:19:f6:bd:6c:
cd:2b:38:97:a1:c2:94:22:c3:30:c5:5b:ba:fa:37:
ea:50:d1:1e:b0:12:e8:f3:4d:4f:4e:8a:19:b3:a4:
be:54:89:70:b9:fb:22:17:fd:97:03:0b:33:05:88:
46:a1:3e:d2:e2:b2:6f:da:b5:ec:73:69:95:38:c5:
45:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FF:F2:BF:F4:18:E0:10:9A:E3:D1:AA:2D:39:6B:D2:67:A4:39:D0
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/lf_yv_QY4BCa49GqLTlr0mekOdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.193.0/24
91.149.215.0/24
91.149.228.0/24
91.149.244.0-91.149.252.255
Signature Algorithm: sha256WithRSAEncryption
1c:b9:c4:bf:d3:51:f3:14:03:7e:2e:b8:fc:c4:fd:87:2d:20:
0b:aa:c6:a2:78:93:ae:8e:49:32:9c:99:44:46:c1:5e:75:75:
f9:43:0e:e3:76:9d:c7:e2:43:28:0c:f9:62:8e:4e:a0:0a:45:
b8:07:b3:66:15:ec:93:27:ff:9d:83:23:18:1a:2e:61:10:f4:
9c:e8:3b:a4:28:c8:04:33:8b:cd:47:60:48:69:9c:5b:0a:6e:
a3:c4:04:d2:ab:65:48:bc:4e:eb:ee:36:3b:d9:5e:1f:1f:cd:
03:6a:6c:7b:34:36:81:79:ee:33:4b:1e:fb:1b:75:f7:42:0c:
07:b9:5b:f6:5f:02:42:4a:00:f1:b9:dd:1a:fd:88:16:b3:7c:
64:98:b9:aa:33:2c:57:67:fe:e4:68:f1:ae:9c:30:bc:db:ee:
fb:f2:96:63:35:86:d0:89:b0:37:34:08:1d:13:02:fa:55:08:
5f:c3:df:a2:35:63:bf:be:1f:b2:d5:47:b3:5e:d9:d4:f8:12:
10:80:c1:c1:8f:8a:e1:11:ee:06:d3:e3:b0:d1:19:41:63:f6:
dc:7c:b7:2e:b3:5f:e5:4e:79:95:0e:4a:f4:4f:82:43:d0:a4:
02:61:3c:92:31:79:bf:45:6e:22:d5:13:29:3a:5c:9c:e1:3b:
4a:8b:cb:f8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/xPNihvm52zJ17ej7DlastMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjQwNjA3MDU0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWZmZjJiZmY0MThlMDEwOWFlM2QxYWEyZDM5NmJkMjY3YTQzOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15YwaGWepO72DOjHy/l9DFi+RhZa
ax3X6DvBMXMIHDRk2gg7XJjdGU+1kFydEroJ094sA8Mx06oq7ttj5cASVuW/+8ZB
9ubdbkFLPW2tkUcb8/ohH1J/9o/yCVqDP2onE9dEI6XhJK9zFy/X8P4pTVDhG6wH
j6vQtJVq2fhKsmYkrVFXHcZsazC+ed1vsot1qEB2bdjme4BMOZOAWsa8KhghITLq
p6C6GjzdMpzICUlAxmBLU9+ZQrMN4z/g1Bn2vWzNKziXocKUIsMwxVu6+jfqUNEe
sBLo801PTooZs6S+VIlwufsiF/2XAwszBYhGoT7S4rJv2rXsc2mVOMVFzwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJX/8r/0GOAQmuPRqi05a9JnpDnQMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvbGZfeXZfUVk0QkNhNDlHcUxUbHIwbWVrT2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW5XBAwQA
W5XXAwQAW5XkMAwDBAJblfQDBABblfwwDQYJKoZIhvcNAQELBQADggEBABy5xL/T
UfMUA34uuPzE/YctIAuqxqJ4k66OSTKcmURGwV51dflDDuN2ncfiQygM+WKOTqAK
RbgHs2YV7JMn/52DIxgaLmEQ9JzoO6QoyAQzi81HYEhpnFsKbqPEBNKrZUi8Tuvu
NjvZXh8fzQNqbHs0NoF57jNLHvsbdfdCDAe5W/ZfAkJKAPG53Rr9iBazfGSYuaoz
LFdn/uRo8a6cMLzb7vvylmM1htCJsDc0CB0TAvpVCF/D36I1Y7++H7LVR7Ne2dT4
EhCAwcGPiuER7gbT47DRGUFj9tx8ty6zX+VOeZUOSvRPgkPQpAJhPJIxeb9FbiLV
Eyk6XJzhO0qLy/g=
-----END CERTIFICATE-----
Generated at Tue Nov 5 12:42:50 2024 by rpki-client on console-ams.rpki-client.org